Reference Number: RF-7202
Closing Date: June 30, 2023

About CSE

Communications Security Establishment (CSE) is Canada's national cryptologic agency. Unique within Canada's security and intelligence community, we employ code-makers, codebreakers, and secure system creators to provide the Government of Canada with foreign signals intelligence (SIGINT), as well as cyber security services (Canadian Centre for Cyber Security). CSE is the national hub for cyber operations to defend Canada and advance national interests. We provide technical and operational assistance to federal law enforcement and security agencies.

About the job

CSE is currently looking for Cyber Security Practitioners to work in a dynamic and innovative environment. As a Cyber Security Practitioner, you will be using your expertise to provide cyber security advice and guidance, design and develop secure IT solutions, and to review product and solution assessments according to security risk management principles in a variety of positions relating to Cyber Security.

We are looking for individuals who are curious to learn new technologies, who possess great communication skills and enjoy collaborating with others to deliver exceptional services to clients. We are seeking candidates who are highly self-motivated, who are problem-solvers and who can balance conflicting priorities in a fast-paced environment.

Intent of this process

This selection process will be used to fill a variety of positions. These positions include (but may not be limited to):

Cyber Security Advisor:

Provides advice and guidance to clients by:

• Performing design reviews and participating in design workshops.
• Liaising between partners/clients and our internal technical staff.
• Representing CSE in technical partner/client discussions.
• Working with design, engineering, and IT security teams to assess risk for IT systems or cloud.
• Creating practical and technical advice and guidance on cyber security.

Information Systems Security Developer/Architect/Engineer

Develops and documents innovative secure IT security solutions – such as:

• Secure cellular / wireless capabilities
• Wireless intrusion detection and continuous monitoring solutions
• Secure cloud environments
• Cross domain solutions
• Maintaining a cyber security research environment

Cyber Security Analysts

• Specializes in network and IT infrastructure security and understands cyberattacks, malware and behaviour of cybercriminals.
• Investigates, analyzes, and helps clients respond to cyber security incidents.
• Searches for threats to Canada’s threat surface, including ongoing cyber activity and vulnerabilities in software, hardware, or firmware.
• Produces reports relating to cyber activities for dissemination to partner/clients.

Information Security Assessor

• Assesses IT systems, applications, and networks for security vulnerabilities.
• Performs static and dynamic analysis of software and systems.
• Uses industry tools, techniques and methodologies to detect, analyze and exploit network vulnerabilities. Uses industry tools, techniques and methodologies to detect, analyze and exploit network vulnerabilities.
• Provides tailored advice and guidance to clients based on these assessments.
• Conduct, or assist Government Departments in conducting IT security and risk assessments on cloud service providers (CSPs).

When ing to this selection process, candidates will be asked to select which positions they would like to be considered for. Matching applicants to the best hiring groups will be based on a combination of the candidate’s interest and organizational need.

Salary Range

• UNMA-09: $107,432 - $124,208 per year
• UNMA-08: $99,861 - $115,504 per year
• UNMA-07: $91,585 - $106,240 per year

Location

All jobs are in Ottawa, Ontario. Flexible work arrangements, including telework, may be possible. For more information on location, please visit the following link: https://www.cse-cst.gc.ca/en/culture-and-community/life-cse/where-we-work. CSE locations meet current accessibility standards.

Language Requirements

Various language requirements (English Essential or Bilingual BBB/BBB)

Area of Selection

Open to Canadian citizens.

Required Qualifications

You must clearly demonstrate in your application how you meet these required qualifications:

Education

You must have at least one of the following:

• A University degree in a field related to the position, such as (but not limited to): Computer Science, and Engineering,
• A College diploma in a field related to the position (as above),
• An acceptable combination of education and experience relevant to the position.

The educational program must be recognized in Canada and you must be able to provide proof of education credentials. Students graduating within the next twelve (12) months are eligible to .

Experience

• Experience in designing, creating, testing, or deploying IT security solutions.
• Experience in designing, analyzing, planning, developing or implementing IT programs, projects, or technical systems.
• Experience providing advice and recommendations to clients, peers, or management in IT.

Competencies

Competencies is our term for skills and/or knowledge. These required competencies are the skills/knowledge we need to see reflected in your application, interviews, etc., for you to be successful.

Technical Competencies

• Knowledge of Information Management (IM)/Information Technology (IT) Architecture

Knowledge and ability to architecture theories, principles, concepts, practices, methodologies, and frameworks to achieve the organization’s goals.

• Knowledge of Information Technology (IT) Security

The ability to predict, detect, and respond to anomalous network activity.

• Knowledge of Information Technology

Possesses a generalist’s knowledge of all areas in IT, including but not limited to:Software Application Development, Database Management, IT Security, IT Architecture, System Administration.

Behavioral Competencies

• Accountability/Autonomy

Effectively plan, organize & manage their time & activities to deliver high quality & efficient performance.

• Interactive Communication

Communicating in a compelling, honest, persuasive, effective, and articulate manner, thinking about who you need to communicate with, ensuring the message is clear, understood & consistent with CSE objectives.

• Working in a Team

Demonstrating effective interpersonal skills & working cooperatively and effectively within & across organizational units to achieve common goals.

Leadership Competencies

• Change and Innovation

Create a culture where flexibility & openness to new ideas are encouraged. Lead transformation with courage & conviction.

• Collaboration

Build relationships with traditional & non-traditional partners & stakeholders to develop solutions that reflect the interests of the organization.

Asset Qualifications

Assets are “nice-to-have” expertise and competencies we’re interested in. If you’re excited about what we do and working with us but are not sure you’re 100% there yet, please don’t let that stop you from ing.

You should clearly demonstrate in your application any specialized expertise that to you, as it may be used to determine which team you could best complement within CSE.

Asset Education

• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)

Asset Specialized Experience

• Experience in network virtualization, cloud technologies and/or cryptography.
• Experience in Identity and Access Management.
• Experience presenting briefings to clients, peers, or management in IT.
• Experience writing or working with Threat and Risk Assessments.
• Experience in product testing and evaluation.
• Experience in the security-related system management of either Windows or Linux server(s) or workstation (including VMs).
• Experience in the security configuration of enterprise telecommunications / unified communications platforms and/or enterprise networking (e.g. Cisco, Juniper).
• Experience with security protocols (e.g. TLS, HTTPS, IPSec, IKE), communications protocols (e.g. VoIP/SIP, REST interfaces, RCP, TCP streaming) and/or analysis tools (Wireshark, tcpdump, SIPp, etc.).
• Experience in component hardening and/or writing/editing component hardening guides.
• Experience evaluating and testing IT security products against security requirements (e.g. Common Criteria, FIPS 140-2, High Assurance standards).
• Experience using vulnerability assessment software and tools (Nessus, Nexpose, nmap, Burpsuite, Qualys, OpenVAS).
• Experience with designing or implementing an Enterprise Vulnerability management program.
• Experience with the security control catalogue specified by ITSG-33 or NIST 800-53.
• Experience conducting cyber security functions (configuring, collecting logs, monitoring, hardening, etc.) in a public cloud.
• Experience in handling cyber incidents.
• Experience in scripting or automation.

Asset Technical Competency

• Risk Management

Systematic process of identifying and analyzing or measuring potential risks

Application Process

Who Can - Area of Selection

You must be a Canadian citizen and be willing to comply with CSE’s own security policies and standards.

Security Requirements

You must have no criminal record. The screening process may involve the following:

• security interview
• polygraph test
• psychological assessment
• background investigation covering a minimum of your last 10 years history, including credit and financial verifications.

How to

You may submit your candidacy online by selecting “” at the bottom of this page.

If you cannot online or have a disability preventing you from ing online, please inform us by contacting careers-carrieres@cse-cst.gc.ca prior to the closing date of this selection process. CSE offers an assessment process that will accommodate any reasonable measures required to enable you to be assessed in a fair and equitable manner. Those measures are available to all candidates for further assessment. Related information received will be addressed confidentially. If you may need such accommodation, please advise us.

What to Expect

The entire selection process – tests, interviews, security investigation – may take more than one year to complete.

If you are deemed to be unsuccessful in the assessment process for this particular selection process, you may re in twelve (12) months.

Additional Details

The level of competence demonstrated in the various assessments will be used to determine your qualifications for the UNMA-07, UNMA-08 or UNMA-09 level.

If you do not meet all technical competencies, you could be considered for an underfill appointment (if during the assessment phase of the selection process, a candidate has not demonstrated the required proficiency level for some of the technical competencies of the position but has demonstrated the potential to develop those competencies through specified training and/or development, an underfill appointment could be considered. The candidate would be appointed at one level lower than the substantive level of the position.) In which case, an individual development plan will be established, depending on your qualifications and experience.

Training and Development

At CSE, we are proud to offer an inclusive and supportive working environment that encourages open minds and attitudes. As an organization that values and nurtures talent, we’re committed to helping you fulfill your potential. With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we’ll enable you to flourish in your role and perform to the best of your abilities.

Appointments

Determinate and indeterminate appointments will be used to staff positions of permanent or temporary tenures within CSE. All appointments have a one (1) year probation period.

Operational Requirements

Overtime, standby duty and travel may be required.

CSE Employment

CSE is a separate organization and is not subject to the Public Service Employment Act (PSEA). We have our own values-based staffing regime and as such, have the flexibility to determine qualifications for positions and how these qualifications will be assessed in a selection process. In other words, CSE has its own classification, compensation system, and a different staffing regime. As such, we use a different staffing process and terminology.

CSE is committed to the principle of equity in employment. We are committed to building a workforce that reflects the diversity of Canadians and to creating an open and inclusive workplace. We encourage you to voluntarily indicate if you are part of one of the groups targeted by employment equity: women, Indigenous people, people with disabilities (including people with learning disabilities, development or any other type of disability) and members of visible minorities.

We thank all applicants for their interest in CSE. However, only those selected for further consideration will be contacted.